Bug#1021052: /usr/share/man/man7/kernel_lockdown.7.gz: kernel_lockdown(7): Rule about "unencrypted hibernation" is unclear
Jonathan Neuschäfer
Version: 5.13-1
Severity: normal
File: /usr/share/man/man7/kernel_lockdown.7.gz
The kernel_lockdown(7) manpage states:
• Unencrypted hibernation/suspend to swap are disallowed as the kernel
image is saved to a medium that can then be accessed.
I have a swap partition in LVM on an encrypted volume, so it could
arguably count as encrypted. However "systemctl hibernate" fails
and places the following line into the system log:
[ 727.705737] Lockdown: systemd-logind: hibernation is restricted; see man kernel_lockdown.7
It is unclear to me whether I'm seeing false documentation or a bug in
the implementation or my local configuration.
Please clarify the kernel_lockdown(7) manpage with regards to this
relatively common situation of swap on LVM on LUKS.
Best regards.
-- System Information:
Debian Release: bookworm/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.19.0-2-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
manpages depends on no packages.
manpages recommends no packages.
Versions of packages manpages suggests:
ii man-db [man-browser] 2.10.2-3
-- no debconf information
Helge Kreutzmann
thanks
Hello Tobias,
> Please clarify the kernel_lockdown(7) manpage with regards to this
> relatively common situation of swap on LVM on LUKS.
Upstream is quite responsive.
Greetings
Helge
--
Dr. Helge Kreutzmann deb...@helgefjell.de
Dipl.-Phys. http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
Help keep free software "libre": http://www.ffii.de/